Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A911CA78/BE8846D235D811EAA730EC46C4F9AE02/0DFAC04CFBD111EE98310A1FC4F9AE02.roa
File: 0DFAC04CFBD111EE98310A1FC4F9AE02.roa (raw, json)
Hash identifier: uLZbsMUtsJuzXYTdkUHwrA3LsOg3H2yRAAj5EGxdEHk=
Subject key identifier: 84:99:D3:D3:6D:83:74:EA:FB:C5:EA:AD:57:A5:1A:E1:92:BE:F2:72
Certificate issuer: /CN=A911CA78/serialNumber=40562C143A29CB19C70FFC9B99B60BBECD1D73B6
Certificate serial: 0B69
Authority key identifier: 40:56:2C:14:3A:29:CB:19:C7:0F:FC:9B:99:B6:0B:BE:CD:1D:73:B6
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QFYsFDopyxnHD_ybmbYLvs0dc7Y.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A911CA78/BE8846D235D811EAA730EC46C4F9AE02/0DFAC04CFBD111EE98310A1FC4F9AE02.roa
Signing time: Sat 27 Apr 2024 21:28:51 +0000
ROA not before: Sat 27 Apr 2024 21:28:51 +0000
ROA not after: Sun 02 Mar 2025 00:00:00 +0000
asID: 18206
IP address blocks: 49.236.192.0/24 maxlen: 24
49.236.193.0/24 maxlen: 24
49.236.194.0/24 maxlen: 24
49.236.195.0/24 maxlen: 24
49.236.197.0/24 maxlen: 24
49.236.199.0/24 maxlen: 24
49.236.203.0/24 maxlen: 24
49.236.204.0/24 maxlen: 24
112.137.160.0/24 maxlen: 24
112.137.161.0/24 maxlen: 24
112.137.162.0/24 maxlen: 24
112.137.169.0/24 maxlen: 24
112.137.170.0/24 maxlen: 24
112.137.172.0/24 maxlen: 24
112.137.173.0/24 maxlen: 24
112.137.175.0/24 maxlen: 24
119.110.97.0/24 maxlen: 24
119.110.99.0/24 maxlen: 24
119.110.102.0/24 maxlen: 24
119.110.107.0/24 maxlen: 24
119.110.108.0/24 maxlen: 24
124.197.224.0/20 maxlen: 20
124.197.224.0/22 maxlen: 22
124.197.224.0/24 maxlen: 24
124.197.225.0/24 maxlen: 24
124.197.233.0/24 maxlen: 24
124.197.238.0/24 maxlen: 24
124.197.239.0/24 maxlen: 24
202.75.45.0/24 maxlen: 24
202.162.0.0/19 maxlen: 24
202.165.0.0/19 maxlen: 24
203.153.80.0/20 maxlen: 24
210.48.146.0/24 maxlen: 24
210.48.151.0/24 maxlen: 24
2404:b8::/32 maxlen: 32
2404:b8::/48 maxlen: 48
2404:b8:0:1::/64 maxlen: 64
2404:b8:1::/48 maxlen: 48
2404:b8:3::/48 maxlen: 48
2404:b8:20::/43 maxlen: 43
2404:b8:2000::/44 maxlen: 44
2404:b8:2020::/43 maxlen: 43
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A911CA78/BE8846D235D811EAA730EC46C4F9AE02/QFYsFDopyxnHD_ybmbYLvs0dc7Y.crl
rsync://rpki.apnic.net/member_repository/A911CA78/BE8846D235D811EAA730EC46C4F9AE02/QFYsFDopyxnHD_ybmbYLvs0dc7Y.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QFYsFDopyxnHD_ybmbYLvs0dc7Y.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Fri 07 Jun 2024 20:52:01 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2921 (0xb69)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A911CA78/serialNumber=40562C143A29CB19C70FFC9B99B60BBECD1D73B6
Validity
Not Before: Apr 27 21:28:51 2024 GMT
Not After : Mar 2 00:00:00 2025 GMT
Subject: CN=662d6e13-3c01
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:53:27:67:b7:64:75:77:e3:69:00:d6:a7:18:
a8:d8:93:90:b8:36:53:f7:fb:73:88:d3:24:f0:0e:
d4:a0:04:f2:d4:6f:fe:72:c2:de:a9:f1:2a:94:c0:
06:3a:75:1d:6d:5c:d2:d2:7c:9c:5f:5e:65:56:b4:
54:38:c8:31:cf:dc:cd:d1:f2:7b:b8:b3:5b:8f:af:
1d:3d:e9:2a:c9:cc:69:80:86:95:9e:16:db:83:f8:
56:7e:89:11:08:8c:c2:5b:2f:4a:df:16:e1:1c:21:
b1:38:5c:61:a1:c7:82:90:c0:1c:39:a2:f6:e6:ff:
23:de:59:61:a2:cf:b5:de:0f:2e:ae:de:44:39:ea:
94:61:01:6b:9f:bf:ca:6c:6b:66:ff:08:7f:a5:d1:
56:47:71:57:01:ca:b7:81:9b:44:1c:dc:7f:38:6a:
44:d3:0c:44:cb:ba:df:a3:ee:81:df:9c:9e:55:86:
48:19:52:86:ca:72:55:3f:bb:be:84:c1:ec:ff:07:
9a:bc:da:92:e5:18:bb:f8:29:16:bd:d6:04:a7:dd:
52:82:81:1c:49:20:2d:07:6a:dd:d8:6d:c0:34:43:
a8:8c:f1:15:2d:25:d7:a4:3e:7f:63:cc:ff:40:af:
2b:74:b4:fd:5f:7f:54:82:8d:89:95:ce:e8:32:28:
12:87
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
84:99:D3:D3:6D:83:74:EA:FB:C5:EA:AD:57:A5:1A:E1:92:BE:F2:72
X509v3 Authority Key Identifier:
keyid:40:56:2C:14:3A:29:CB:19:C7:0F:FC:9B:99:B6:0B:BE:CD:1D:73:B6
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A911CA78/BE8846D235D811EAA730EC46C4F9AE02/QFYsFDopyxnHD_ybmbYLvs0dc7Y.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QFYsFDopyxnHD_ybmbYLvs0dc7Y.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A911CA78/BE8846D235D811EAA730EC46C4F9AE02/0DFAC04CFBD111EE98310A1FC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
49.236.192.0/22
49.236.197.0/24
49.236.199.0/24
49.236.203.0-49.236.204.255
112.137.160.0-112.137.162.255
112.137.169.0-112.137.170.255
112.137.172.0/23
112.137.175.0/24
119.110.97.0/24
119.110.99.0/24
119.110.102.0/24
119.110.107.0-119.110.108.255
124.197.224.0/20
202.75.45.0/24
202.162.0.0/19
202.165.0.0/19
203.153.80.0/20
210.48.146.0/24
210.48.151.0/24
IPv6:
2404:b8::/32
Signature Algorithm: sha256WithRSAEncryption
ab:2b:2f:c0:20:2f:2f:b1:84:9b:63:84:66:1b:43:df:80:ad:
11:dd:74:81:7e:a7:a6:ba:1e:5a:2c:09:65:56:08:c0:4b:ab:
fd:f8:ca:a9:44:73:eb:7e:b5:5b:9d:ac:32:b9:06:37:79:e0:
c7:32:90:07:35:fa:50:a0:86:53:41:f2:cc:25:e4:74:b6:f2:
0e:a3:9c:9b:f2:ba:eb:d4:84:a4:06:99:e5:4c:2d:4d:7f:b4:
f2:db:0c:ae:6f:af:78:a5:25:d5:8b:9f:51:2d:92:c6:51:3f:
d8:6c:fb:2e:46:5d:32:e3:02:ca:9c:1f:7e:30:99:fe:d4:6d:
33:f8:38:9c:b9:b1:d4:80:16:aa:16:e5:67:dd:91:bd:ad:3e:
66:cb:ff:04:59:51:65:5b:f2:99:8b:35:53:da:c7:bb:c7:7f:
e2:2e:bd:98:fc:27:46:e9:26:5e:26:22:40:31:d6:28:44:8c:
2b:a2:a0:ac:29:3c:7f:5a:e7:8d:d1:e7:b6:97:49:8d:b9:ec:
d4:f2:28:4a:3a:1f:e3:d3:32:ca:d8:77:e6:a2:8d:c0:09:60:
f7:4f:4e:92:4f:06:e8:93:bc:58:e5:20:92:5a:ab:af:e6:1b:
56:8b:8b:84:f6:60:90:d8:8a:e3:97:6b:6c:68:57:c3:0b:45:
da:b1:eb:80
-----BEGIN CERTIFICATE-----
MIIGETCCBPmgAwIBAgICC2kwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
MUNBNzgxMTAvBgNVBAUTKDQwNTYyQzE0M0EyOUNCMTlDNzBGRkM5Qjk5QjYwQkJF
Q0QxRDczQjYwHhcNMjQwNDI3MjEyODUxWhcNMjUwMzAyMDAwMDAwWjAYMRYwFAYD
VQQDEw02NjJkNmUxMy0zYzAxMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAt1MnZ7dkdXfjaQDWpxio2JOQuDZT9/tziNMk8A7UoATy1G/+csLeqfEqlMAG
OnUdbVzS0nycX15lVrRUOMgxz9zN0fJ7uLNbj68dPekqycxpgIaVnhbbg/hWfokR
CIzCWy9K3xbhHCGxOFxhoceCkMAcOaL25v8j3llhos+13g8urt5EOeqUYQFrn7/K
bGtm/wh/pdFWR3FXAcq3gZtEHNx/OGpE0wxEy7rfo+6B35yeVYZIGVKGynJVP7u+
hMHs/weavNqS5Ri7+CkWvdYEp91SgoEcSSAtB2rd2G3ANEOojPEVLSXXpD5/Y8z/
QK8rdLT9X39Ugo2Jlc7oMigShwIDAQABo4IDNTCCAzEwHQYDVR0OBBYEFISZ09Nt
g3Tq+8XqrVelGuGSvvJyMB8GA1UdIwQYMBaAFEBWLBQ6KcsZxw/8m5m2C77NHXO2
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTExQ0E3OC9CRTg4NDZEMjM1
RDgxMUVBQTczMEVDNDZDNEY5QUUwMi9RRllzRkRvcHl4bkhEX3libWJZTHZzMGRj
N1kuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL1FGWXNGRG9weXhuSERfeWJtYllMdnMwZGM3WS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
MUNBNzgvQkU4ODQ2RDIzNUQ4MTFFQUE3MzBFQzQ2QzRGOUFFMDIvMERGQUMwNENG
QkQxMTFFRTk4MzEwQTFGQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwgb4GCCsGAQUFBwEHAQH/
BIGuMIGrMIGZBAIAATCBkgMEAjHswAMEADHsxQMEADHsxzAMAwQAMezLAwQAMezM
MAwDBAVwiaADBABwiaIwDAMEAHCJqQMEAHCJqgMEAXCJrAMEAHCJrwMEAHduYQME
AHduYwMEAHduZjAMAwQAd25rAwQAd25sAwQEfMXgAwQAykstAwQFyqIAAwQFyqUA
AwQEy5lQAwQA0jCSAwQA0jCXMA0EAgACMAcDBQAkBAC4MA0GCSqGSIb3DQEBCwUA
A4IBAQCrKy/AIC8vsYSbY4RmG0PfgK0R3XSBfqemuh5aLAllVgjAS6v9+MqpRHPr
frVbnawyuQY3eeDHMpAHNfpQoIZTQfLMJeR0tvIOo5yb8rrr1ISkBpnlTC1Nf7Ty
2wyub694pSXVi59RLZLGUT/YbPsuRl0y4wLKnB9+MJn+1G0z+DicubHUgBaqFuVn
3ZG9rT5my/8EWVFlW/KZizVT2se7x3/iLr2Y/CdG6SZeJiJAMdYoRIwroqCsKTx/
WueN0ee2l0mNuezU8ihKOh/j0zLK2Hfmoo3ACWD3T06STwbok7xY5SCSWquv5htW
i4uE9mCQ2Irjl2tsaFfDC0XaseuA
-----END CERTIFICATE-----
Generated at Sat Jun 1 00:13:09 2024 by rpki-client on console-ams.rpki-client.org